-
+ @for (report of reports; track report) {
+
+ }
@for (benefit of benefits(); track $index) {
@@ -38,69 +37,74 @@
}
-
-
- {{ "reviewAtRiskPasswords" | i18n }}
-
- @let isRunningReport = dataService.isGeneratingReport$ | async;
+ @if (appsCount > 0) {
+
+ {{ "reviewAtRiskPasswords" | i18n }}
+
+ }
@@ -62,7 +63,6 @@
}
-
-
-
diff --git a/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/app-table-row-scrollable.component.html b/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/app-table-row-scrollable.component.html
index 0494f77bd46..0a72c76a550 100644
--- a/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/app-table-row-scrollable.component.html
+++ b/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/app-table-row-scrollable.component.html
@@ -12,28 +12,32 @@
{{ "totalMembers" | i18n }} |
-
-
-
- |
-
-
- |
+ @if (showRowCheckBox) {
+
+ @if (!row.isMarkedAsCritical) {
+
+ }
+ @if (row.isMarkedAsCritical) {
+
+ }
+ |
+ }
+ @if (!showRowCheckBox) {
+
+ @if (row.isMarkedAsCritical) {
+
+ }
+ |
+ }
-
+ @if (row.iconCipher) {
+
+ }
|
{{ row.memberCount }}
|
-
-
-
-
-
-
- |
+ @if (showRowMenuForCriticalApps) {
+
+
+
+
+
+ |
+ }
diff --git a/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/report-loading.component.ts b/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/report-loading.component.ts
index f3cb89dff55..45b28dae470 100644
--- a/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/report-loading.component.ts
+++ b/bitwarden_license/bit-web/src/app/dirt/access-intelligence/shared/report-loading.component.ts
@@ -1,4 +1,3 @@
-import { CommonModule } from "@angular/common";
import { Component, input } from "@angular/core";
import { JslibModule } from "@bitwarden/angular/jslib.module";
@@ -19,7 +18,7 @@ const ProgressStepConfig = Object.freeze({
// eslint-disable-next-line @angular-eslint/prefer-on-push-component-change-detection
@Component({
selector: "dirt-report-loading",
- imports: [CommonModule, JslibModule, ProgressModule],
+ imports: [JslibModule, ProgressModule],
templateUrl: "./report-loading.component.html",
})
export class ReportLoadingComponent {
diff --git a/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integration-grid/integration-grid.component.html b/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integration-grid/integration-grid.component.html
index 9e14023d21b..8127c6a0343 100644
--- a/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integration-grid/integration-grid.component.html
+++ b/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integration-grid/integration-grid.component.html
@@ -1,21 +1,22 @@
- -
-
-
+ @for (integration of integrations; track integration) {
+ -
+
+
+ }
diff --git a/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integrations.component.html b/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integrations.component.html
index a35df3677bb..14f20a0b71c 100644
--- a/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integrations.component.html
+++ b/bitwarden_license/bit-web/src/app/dirt/organization-integrations/integrations.component.html
@@ -24,28 +24,32 @@
@if (organization?.useScim || organization?.useDirectory) {
-
-
- {{ "scimIntegration" | i18n }}
-
-
- {{ "scimIntegrationDescStart" | i18n }}
- {{ "scimIntegration" | i18n }}
- {{ "scimIntegrationDescEnd" | i18n }}
-
-
-
-
-
- {{ "bwdc" | i18n }}
-
- {{ "bwdcDesc" | i18n }}
-
-
+ @if (organization?.useScim) {
+
+
+ {{ "scimIntegration" | i18n }}
+
+
+ {{ "scimIntegrationDescStart" | i18n }}
+ {{ "scimIntegration" | i18n }}
+ {{ "scimIntegrationDescEnd" | i18n }}
+
+
+
+ }
+ @if (organization?.useDirectory) {
+
+
+ {{ "bwdc" | i18n }}
+
+ {{ "bwdcDesc" | i18n }}
+
+
+ }
}
diff --git a/bitwarden_license/bit-web/src/app/dirt/reports/member-access-report/member-access-report.component.html b/bitwarden_license/bit-web/src/app/dirt/reports/member-access-report/member-access-report.component.html
index 0200e206327..440e955a226 100644
--- a/bitwarden_license/bit-web/src/app/dirt/reports/member-access-report/member-access-report.component.html
+++ b/bitwarden_license/bit-web/src/app/dirt/reports/member-access-report/member-access-report.component.html
@@ -1,21 +1,17 @@
-
+ @let isLoading = isLoading$ | async;
-
+ @if (!isLoading) {
+
+
+ }
@@ -24,7 +20,7 @@
-
+@if (isLoading) {
{{ "loading" | i18n }}
-
-
-
- {{ "members" | i18n }} |
- {{ "groups" | i18n }} |
- {{ "collections" | i18n }} |
- {{ "items" | i18n }} |
-
-
-
-
-
-
-
-
-
- {{ row.email }}
+} @else {
+
+
+ {{ "members" | i18n }} |
+ {{ "groups" | i18n }} |
+
+ {{ "collections" | i18n }}
+ |
+ {{ "items" | i18n }} |
+
+
+
+
+
+
+
+
+ {{ row.email }}
+
|
- {{ row.groupsCount }} |
- {{ row.collectionsCount }} |
- {{ row.itemsCount }} |
-
-
+ |
+ {{ row.groupsCount }} |
+ {{ row.collectionsCount }} |
+ {{ row.itemsCount }} |
+
+
+}
From fa5f62e1bd9e00c17e8e216bc85b317f1f065d35 Mon Sep 17 00:00:00 2001
From: Addison Beck
Date: Wed, 28 Jan 2026 16:00:56 -0500
Subject: [PATCH 2/6] Revert "[PM-26821] Improve macOS fullscreen ux (#16838)"
(#18606)
This reverts commit 05ca57d538240d48cc28553e9f2dafe95b717a5a.
---
.../browser/browser-popup-utils.spec.ts | 64 -------------------
.../platform/browser/browser-popup-utils.ts | 23 +------
2 files changed, 1 insertion(+), 86 deletions(-)
diff --git a/apps/browser/src/platform/browser/browser-popup-utils.spec.ts b/apps/browser/src/platform/browser/browser-popup-utils.spec.ts
index cb04f30b589..89459523843 100644
--- a/apps/browser/src/platform/browser/browser-popup-utils.spec.ts
+++ b/apps/browser/src/platform/browser/browser-popup-utils.spec.ts
@@ -140,11 +140,6 @@ describe("BrowserPopupUtils", () => {
describe("openPopout", () => {
beforeEach(() => {
- jest.spyOn(BrowserApi, "getPlatformInfo").mockResolvedValueOnce({
- os: "linux",
- arch: "x86-64",
- nacl_arch: "x86-64",
- });
jest.spyOn(BrowserApi, "getWindow").mockResolvedValueOnce({
id: 1,
left: 100,
@@ -155,8 +150,6 @@ describe("BrowserPopupUtils", () => {
width: PopupWidthOptions.default,
});
jest.spyOn(BrowserApi, "createWindow").mockImplementation();
- jest.spyOn(BrowserApi, "updateWindowProperties").mockImplementation();
- jest.spyOn(BrowserApi, "getPlatformInfo").mockImplementation();
});
it("creates a window with the default window options", async () => {
@@ -274,63 +267,6 @@ describe("BrowserPopupUtils", () => {
url: `chrome-extension://id/${url}?uilocation=popout&singleActionPopout=123`,
});
});
-
- it("exits fullscreen and focuses popout window if the current window is fullscreen and platform is mac", async () => {
- const url = "popup/index.html";
- jest.spyOn(BrowserPopupUtils as any, "isSingleActionPopoutOpen").mockResolvedValueOnce(false);
- jest.spyOn(BrowserApi, "getPlatformInfo").mockReset().mockResolvedValueOnce({
- os: "mac",
- arch: "x86-64",
- nacl_arch: "x86-64",
- });
- jest.spyOn(BrowserApi, "getWindow").mockReset().mockResolvedValueOnce({
- id: 1,
- left: 100,
- top: 100,
- focused: false,
- alwaysOnTop: false,
- incognito: false,
- width: PopupWidthOptions.default,
- state: "fullscreen",
- });
- jest
- .spyOn(BrowserApi, "createWindow")
- .mockResolvedValueOnce({ id: 2 } as chrome.windows.Window);
-
- await BrowserPopupUtils.openPopout(url, { senderWindowId: 1 });
- expect(BrowserApi.updateWindowProperties).toHaveBeenCalledWith(1, {
- state: "maximized",
- });
- expect(BrowserApi.updateWindowProperties).toHaveBeenCalledWith(2, {
- focused: true,
- });
- });
-
- it("doesnt exit fullscreen if the platform is not mac", async () => {
- const url = "popup/index.html";
- jest.spyOn(BrowserPopupUtils as any, "isSingleActionPopoutOpen").mockResolvedValueOnce(false);
- jest.spyOn(BrowserApi, "getPlatformInfo").mockReset().mockResolvedValueOnce({
- os: "win",
- arch: "x86-64",
- nacl_arch: "x86-64",
- });
- jest.spyOn(BrowserApi, "getWindow").mockResolvedValueOnce({
- id: 1,
- left: 100,
- top: 100,
- focused: false,
- alwaysOnTop: false,
- incognito: false,
- width: PopupWidthOptions.default,
- state: "fullscreen",
- });
-
- await BrowserPopupUtils.openPopout(url);
-
- expect(BrowserApi.updateWindowProperties).not.toHaveBeenCalledWith(1, {
- state: "maximized",
- });
- });
});
describe("openCurrentPagePopout", () => {
diff --git a/apps/browser/src/platform/browser/browser-popup-utils.ts b/apps/browser/src/platform/browser/browser-popup-utils.ts
index c8dba57e708..7333023d178 100644
--- a/apps/browser/src/platform/browser/browser-popup-utils.ts
+++ b/apps/browser/src/platform/browser/browser-popup-utils.ts
@@ -168,29 +168,8 @@ export default class BrowserPopupUtils {
) {
return;
}
- const platform = await BrowserApi.getPlatformInfo();
- const isMacOS = platform.os === "mac";
- const isFullscreen = senderWindow.state === "fullscreen";
- const isFullscreenAndMacOS = isFullscreen && isMacOS;
- //macOS specific handling for improved UX when sender in fullscreen aka green button;
- if (isFullscreenAndMacOS) {
- await BrowserApi.updateWindowProperties(senderWindow.id, {
- state: "maximized",
- });
- //wait for macOS animation to finish
- await new Promise((resolve) => setTimeout(resolve, 1000));
- }
-
- const newWindow = await BrowserApi.createWindow(popoutWindowOptions);
-
- if (isFullscreenAndMacOS) {
- await BrowserApi.updateWindowProperties(newWindow.id, {
- focused: true,
- });
- }
-
- return newWindow;
+ return await BrowserApi.createWindow(popoutWindowOptions);
}
/**
From 3a232c92963a5c2216e4de2f5f12ff4aa1dff4e6 Mon Sep 17 00:00:00 2001
From: Alex <55413326+AlexRubik@users.noreply.github.com>
Date: Wed, 28 Jan 2026 16:16:06 -0500
Subject: [PATCH 3/6] [PM-31348] phish cleanup - Address code review feedback
from PR #18561 (Cursor-based phishing URL search) (#18638)
---
.../phishing-detection/phishing-resources.ts | 4 --
.../services/phishing-data.service.spec.ts | 64 +++++++++++++++++-
.../services/phishing-data.service.ts | 54 ++++-----------
.../services/phishing-detection.service.ts | 66 ++++++-------------
4 files changed, 94 insertions(+), 94 deletions(-)
diff --git a/apps/browser/src/dirt/phishing-detection/phishing-resources.ts b/apps/browser/src/dirt/phishing-detection/phishing-resources.ts
index 6595104207a..88068987dd7 100644
--- a/apps/browser/src/dirt/phishing-detection/phishing-resources.ts
+++ b/apps/browser/src/dirt/phishing-detection/phishing-resources.ts
@@ -7,8 +7,6 @@ export type PhishingResource = {
todayUrl: string;
/** Matcher used to decide whether a given URL matches an entry from this resource */
match: (url: URL, entry: string) => boolean;
- /** Whether to use the custom matcher. If false, only exact hasUrl lookups are used. Default: true */
- useCustomMatcher?: boolean;
};
export const PhishingResourceType = Object.freeze({
@@ -58,8 +56,6 @@ export const PHISHING_RESOURCES: Record {
if (!entry) {
return false;
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
index 2d6c7a5a651..0cbb765ce0e 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.spec.ts
@@ -186,12 +186,74 @@ describe("PhishingDataService", () => {
expect(result).toBe(false);
expect(logService.error).toHaveBeenCalledWith(
- "[PhishingDataService] IndexedDB lookup via hasUrl failed",
+ "[PhishingDataService] IndexedDB lookup failed",
expect.any(Error),
);
// Custom matcher is disabled, so no custom matcher error is expected
expect(mockIndexedDbService.findMatchingUrl).not.toHaveBeenCalled();
});
+
+ it("should use cursor-based search when useCustomMatcher is enabled", async () => {
+ // Temporarily enable custom matcher for this test
+ const originalValue = (PhishingDataService as any).USE_CUSTOM_MATCHER;
+ (PhishingDataService as any).USE_CUSTOM_MATCHER = true;
+
+ try {
+ // Mock hasUrl to return false (no direct match)
+ mockIndexedDbService.hasUrl.mockResolvedValue(false);
+ // Mock findMatchingUrl to return true (custom matcher finds it)
+ mockIndexedDbService.findMatchingUrl.mockResolvedValue(true);
+
+ const url = new URL("http://phish.com/path");
+ const result = await service.isPhishingWebAddress(url);
+
+ expect(result).toBe(true);
+ expect(mockIndexedDbService.hasUrl).toHaveBeenCalled();
+ expect(mockIndexedDbService.findMatchingUrl).toHaveBeenCalled();
+ } finally {
+ // Restore original value
+ (PhishingDataService as any).USE_CUSTOM_MATCHER = originalValue;
+ }
+ });
+
+ it("should return false when custom matcher finds no match (when enabled)", async () => {
+ const originalValue = (PhishingDataService as any).USE_CUSTOM_MATCHER;
+ (PhishingDataService as any).USE_CUSTOM_MATCHER = true;
+
+ try {
+ mockIndexedDbService.hasUrl.mockResolvedValue(false);
+ mockIndexedDbService.findMatchingUrl.mockResolvedValue(false);
+
+ const url = new URL("http://safe.com/path");
+ const result = await service.isPhishingWebAddress(url);
+
+ expect(result).toBe(false);
+ expect(mockIndexedDbService.findMatchingUrl).toHaveBeenCalled();
+ } finally {
+ (PhishingDataService as any).USE_CUSTOM_MATCHER = originalValue;
+ }
+ });
+
+ it("should handle custom matcher errors gracefully (when enabled)", async () => {
+ const originalValue = (PhishingDataService as any).USE_CUSTOM_MATCHER;
+ (PhishingDataService as any).USE_CUSTOM_MATCHER = true;
+
+ try {
+ mockIndexedDbService.hasUrl.mockResolvedValue(false);
+ mockIndexedDbService.findMatchingUrl.mockRejectedValue(new Error("Cursor error"));
+
+ const url = new URL("http://error.com/path");
+ const result = await service.isPhishingWebAddress(url);
+
+ expect(result).toBe(false);
+ expect(logService.error).toHaveBeenCalledWith(
+ "[PhishingDataService] Custom matcher failed",
+ expect.any(Error),
+ );
+ } finally {
+ (PhishingDataService as any).USE_CUSTOM_MATCHER = originalValue;
+ }
+ });
});
describe("data updates", () => {
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
index c34a94ecced..03759ba14bc 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
@@ -78,6 +78,10 @@ export const PHISHING_DOMAINS_BLOB_KEY = new KeyDefinition(
/** Coordinates fetching, caching, and patching of known phishing web addresses */
export class PhishingDataService {
+ // Cursor-based search is disabled due to performance (6+ minutes on large databases)
+ // Enable when performance is optimized via indexing or other improvements
+ private static readonly USE_CUSTOM_MATCHER = false;
+
// While background scripts do not necessarily need destroying,
// processes in PhishingDataService are memory intensive.
// We are adding the destroy to guard against accidental leaks.
@@ -153,12 +157,8 @@ export class PhishingDataService {
* @returns True if the URL is a known phishing web address, false otherwise
*/
async isPhishingWebAddress(url: URL): Promise {
- this.logService.debug("[PhishingDataService] isPhishingWebAddress called for: " + url.href);
-
// Skip non-http(s) protocols - phishing database only contains web URLs
- // This prevents expensive fallback checks for chrome://, about:, file://, etc.
if (url.protocol !== "http:" && url.protocol !== "https:") {
- this.logService.debug("[PhishingDataService] Skipping non-http(s) protocol: " + url.protocol);
return false;
}
@@ -176,69 +176,37 @@ export class PhishingDataService {
const urlHref = url.href;
const urlWithoutTrailingSlash = urlHref.endsWith("/") ? urlHref.slice(0, -1) : null;
- this.logService.debug("[PhishingDataService] Checking hasUrl on this string: " + urlHref);
let hasUrl = await this.indexedDbService.hasUrl(urlHref);
- // If not found and URL has trailing slash, try without it
if (!hasUrl && urlWithoutTrailingSlash) {
- this.logService.debug(
- "[PhishingDataService] Checking hasUrl without trailing slash: " +
- urlWithoutTrailingSlash,
- );
hasUrl = await this.indexedDbService.hasUrl(urlWithoutTrailingSlash);
}
if (hasUrl) {
- this.logService.info(
- "[PhishingDataService] Found phishing web address through direct lookup: " + urlHref,
- );
+ this.logService.info("[PhishingDataService] Found phishing URL: " + urlHref);
return true;
}
} catch (err) {
- this.logService.error("[PhishingDataService] IndexedDB lookup via hasUrl failed", err);
+ this.logService.error("[PhishingDataService] IndexedDB lookup failed", err);
}
- // If a custom matcher is provided and enabled, use cursor-based search.
- // This avoids loading all URLs into memory and allows early exit on first match.
- // Can be disabled via useCustomMatcher: false for performance reasons.
- if (resource && resource.match && resource.useCustomMatcher !== false) {
+ // Custom matcher is disabled for performance (see USE_CUSTOM_MATCHER)
+ if (resource && resource.match && PhishingDataService.USE_CUSTOM_MATCHER) {
try {
- this.logService.debug(
- "[PhishingDataService] Starting cursor-based search for: " + url.href,
- );
- const startTime = performance.now();
-
const found = await this.indexedDbService.findMatchingUrl((entry) =>
resource.match(url, entry),
);
- const endTime = performance.now();
- const duration = (endTime - startTime).toFixed(2);
- this.logService.debug(
- `[PhishingDataService] Cursor-based search completed in ${duration}ms for: ${url.href} (found: ${found})`,
- );
-
if (found) {
- this.logService.info(
- "[PhishingDataService] Found phishing web address through custom matcher: " + url.href,
- );
- } else {
- this.logService.debug(
- "[PhishingDataService] No match found, returning false for: " + url.href,
- );
+ this.logService.info("[PhishingDataService] Found phishing URL via matcher: " + url.href);
}
return found;
} catch (err) {
- this.logService.error("[PhishingDataService] Error running custom matcher", err);
- this.logService.debug(
- "[PhishingDataService] Returning false due to error for: " + url.href,
- );
+ this.logService.error("[PhishingDataService] Custom matcher failed", err);
return false;
}
}
- this.logService.debug(
- "[PhishingDataService] No custom matcher, returning false for: " + url.href,
- );
+
return false;
}
diff --git a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
index 6ca5bad8942..2fa7bf8ec9e 100644
--- a/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
+++ b/apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
@@ -1,14 +1,4 @@
-import {
- distinctUntilChanged,
- EMPTY,
- filter,
- map,
- merge,
- mergeMap,
- Subject,
- switchMap,
- tap,
-} from "rxjs";
+import { distinctUntilChanged, EMPTY, filter, map, merge, Subject, switchMap, tap } from "rxjs";
import { PhishingDetectionSettingsServiceAbstraction } from "@bitwarden/common/dirt/services/abstractions/phishing-detection-settings.service.abstraction";
import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
@@ -43,7 +33,6 @@ export class PhishingDetectionService {
private static _tabUpdated$ = new Subject();
private static _ignoredHostnames = new Set();
private static _didInit = false;
- private static _activeSearchCount = 0;
static initialize(
logService: LogService,
@@ -64,7 +53,7 @@ export class PhishingDetectionService {
tap((message) =>
logService.debug(`[PhishingDetectionService] user selected continue for ${message.url}`),
),
- mergeMap(async (message) => {
+ switchMap(async (message) => {
const url = new URL(message.url);
this._ignoredHostnames.add(url.hostname);
await BrowserApi.navigateTabToUrl(message.tabId, url);
@@ -89,40 +78,25 @@ export class PhishingDetectionService {
prev.ignored === curr.ignored,
),
tap((event) => logService.debug(`[PhishingDetectionService] processing event:`, event)),
- // Use mergeMap for parallel processing - each tab check runs independently
- // Concurrency limit of 5 prevents overwhelming IndexedDB
- mergeMap(async ({ tabId, url, ignored }) => {
- this._activeSearchCount++;
- const searchId = `${tabId}-${Date.now()}`;
- logService.debug(
- `[PhishingDetectionService] Search STARTED [${searchId}] for ${url.href} (active: ${this._activeSearchCount}/5)`,
- );
- const startTime = performance.now();
-
- try {
- if (ignored) {
- // The next time this host is visited, block again
- this._ignoredHostnames.delete(url.hostname);
- return;
- }
- const isPhishing = await phishingDataService.isPhishingWebAddress(url);
- if (!isPhishing) {
- return;
- }
-
- const phishingWarningPage = new URL(
- BrowserApi.getRuntimeURL("popup/index.html#/security/phishing-warning") +
- `?phishingUrl=${url.toString()}`,
- );
- await BrowserApi.navigateTabToUrl(tabId, phishingWarningPage);
- } finally {
- this._activeSearchCount--;
- const duration = (performance.now() - startTime).toFixed(2);
- logService.debug(
- `[PhishingDetectionService] Search FINISHED [${searchId}] for ${url.href} in ${duration}ms (active: ${this._activeSearchCount}/5)`,
- );
+ // Use switchMap to cancel any in-progress check when navigating to a new URL
+ // This prevents race conditions where a stale check redirects the user incorrectly
+ switchMap(async ({ tabId, url, ignored }) => {
+ if (ignored) {
+ // The next time this host is visited, block again
+ this._ignoredHostnames.delete(url.hostname);
+ return;
}
- }, 5),
+ const isPhishing = await phishingDataService.isPhishingWebAddress(url);
+ if (!isPhishing) {
+ return;
+ }
+
+ const phishingWarningPage = new URL(
+ BrowserApi.getRuntimeURL("popup/index.html#/security/phishing-warning") +
+ `?phishingUrl=${url.toString()}`,
+ );
+ await BrowserApi.navigateTabToUrl(tabId, phishingWarningPage);
+ }),
);
const onCancelCommand$ = messageListener
From 1dfd68bf5702b0f977caf39d832fdc8ed6585d45 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 28 Jan 2026 16:18:03 -0500
Subject: [PATCH 4/6] [deps] Autofill: Update concurrently to v9.2.1 (#17540)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
package-lock.json | 31 ++++++++++++++++++++-----------
package.json | 2 +-
2 files changed, 21 insertions(+), 12 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index bf0c5196364..59bd89afce4 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -127,7 +127,7 @@
"base64-loader": "1.0.0",
"browserslist": "4.28.1",
"chromatic": "13.3.4",
- "concurrently": "9.2.0",
+ "concurrently": "9.2.1",
"copy-webpack-plugin": "13.0.1",
"cross-env": "10.1.0",
"css-loader": "7.1.2",
@@ -20558,19 +20558,18 @@
}
},
"node_modules/concurrently": {
- "version": "9.2.0",
- "resolved": "https://registry.npmjs.org/concurrently/-/concurrently-9.2.0.tgz",
- "integrity": "sha512-IsB/fiXTupmagMW4MNp2lx2cdSN2FfZq78vF90LBB+zZHArbIQZjQtzXCiXnvTxCZSvXanTqFLWBjw2UkLx1SQ==",
+ "version": "9.2.1",
+ "resolved": "https://registry.npmjs.org/concurrently/-/concurrently-9.2.1.tgz",
+ "integrity": "sha512-fsfrO0MxV64Znoy8/l1vVIjjHa29SZyyqPgQBwhiDcaW8wJc2W3XWVOGx4M3oJBnv/zdUZIIp1gDeS98GzP8Ng==",
"dev": true,
"license": "MIT",
"dependencies": {
- "chalk": "^4.1.2",
- "lodash": "^4.17.21",
- "rxjs": "^7.8.1",
- "shell-quote": "^1.8.1",
- "supports-color": "^8.1.1",
- "tree-kill": "^1.2.2",
- "yargs": "^17.7.2"
+ "chalk": "4.1.2",
+ "rxjs": "7.8.2",
+ "shell-quote": "1.8.3",
+ "supports-color": "8.1.1",
+ "tree-kill": "1.2.2",
+ "yargs": "17.7.2"
},
"bin": {
"conc": "dist/bin/concurrently.js",
@@ -20583,6 +20582,16 @@
"url": "https://github.com/open-cli-tools/concurrently?sponsor=1"
}
},
+ "node_modules/concurrently/node_modules/rxjs": {
+ "version": "7.8.2",
+ "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-7.8.2.tgz",
+ "integrity": "sha512-dhKf903U/PQZY6boNNtAGdWbG85WAbjT/1xYoZIC7FAY0yWapOBQVsVrDl58W86//e1VpMNBtRV4MaXfdMySFA==",
+ "dev": true,
+ "license": "Apache-2.0",
+ "dependencies": {
+ "tslib": "^2.1.0"
+ }
+ },
"node_modules/concurrently/node_modules/supports-color": {
"version": "8.1.1",
"resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
diff --git a/package.json b/package.json
index 3fabb6af099..1cc4cabbceb 100644
--- a/package.json
+++ b/package.json
@@ -94,7 +94,7 @@
"base64-loader": "1.0.0",
"browserslist": "4.28.1",
"chromatic": "13.3.4",
- "concurrently": "9.2.0",
+ "concurrently": "9.2.1",
"copy-webpack-plugin": "13.0.1",
"cross-env": "10.1.0",
"css-loader": "7.1.2",
From 9d8f1af62bf5986b39dc3b6425fcd0b4df6246f6 Mon Sep 17 00:00:00 2001
From: Vijay Oommen
Date: Wed, 28 Jan 2026 15:19:39 -0600
Subject: [PATCH 5/6] PM-30539 created new component and added a filter
(#18630)
---
apps/web/src/locales/en/messages.json | 21 ++
.../applications.component.html | 128 ++++++++++
.../applications.component.ts | 221 ++++++++++++++++++
.../risk-insights.component.html | 5 +
.../risk-insights.component.ts | 10 +
libs/common/src/enums/feature-flag.enum.ts | 2 +
6 files changed, 387 insertions(+)
create mode 100644 bitwarden_license/bit-web/src/app/dirt/access-intelligence/all-applications/applications.component.html
create mode 100644 bitwarden_license/bit-web/src/app/dirt/access-intelligence/all-applications/applications.component.ts
diff --git a/apps/web/src/locales/en/messages.json b/apps/web/src/locales/en/messages.json
index ecb5f8d2dfc..872509a81c2 100644
--- a/apps/web/src/locales/en/messages.json
+++ b/apps/web/src/locales/en/messages.json
@@ -14,6 +14,24 @@
"noCriticalAppsAtRisk": {
"message": "No critical applications at risk"
},
+ "critical":{
+ "message": "Critical ($COUNT$)",
+ "placeholders": {
+ "count": {
+ "content": "$1",
+ "example": "3"
+ }
+ }
+ },
+ "notCritical": {
+ "message": "Not critical ($COUNT$)",
+ "placeholders": {
+ "count": {
+ "content": "$1",
+ "example": "5"
+ }
+ }
+ },
"accessIntelligence": {
"message": "Access Intelligence"
},
@@ -250,6 +268,9 @@
"application": {
"message": "Application"
},
+ "applications": {
+ "message": "Applications"
+ },
"atRiskPasswords": {
"message": "At-risk passwords"
},
diff --git a/bitwarden_license/bit-web/src/app/dirt/access-intelligence/all-applications/applications.component.html b/bitwarden_license/bit-web/src/app/dirt/access-intelligence/all-applications/applications.component.html
new file mode 100644
index 00000000000..092cc4b73d8
--- /dev/null
+++ b/bitwarden_license/bit-web/src/app/dirt/access-intelligence/all-applications/applications.component.html
@@ -0,0 +1,128 @@
+@if ((dataService.reportStatus$ | async) == ReportStatusEnum.Loading) {
+
+} @else {
+ @let drawerDetails = dataService.drawerDetails$ | async;
+
+
{{ "allApplications" | i18n }}
+
+
+
+
{{
+ "atRiskMembers" | i18n
+ }}
+
+ {{ applicationSummary().totalAtRiskMemberCount }}
+ {{
+ "cardMetrics" | i18n: applicationSummary().totalMemberCount
+ }}
+
+
+
+
+
+
+
+
+
+
+
{{ "atRiskApplications" | i18n }}
+
+ {{ applicationSummary().totalAtRiskApplicationCount }}
+ {{
+ "cardMetrics" | i18n: applicationSummary().totalApplicationCount
+ }}
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+